New Ursnif variants silently targets banks and employ redirection attacks
This article talks about the following: The recent attacks on Australian banks has alarmed consumers and this has been attributed to New Ursnif that is using redirection attacks and malicious TLS callback techniques to achieve process injection. It does it by establishing a genuine connection with the bank as if it’s a legitimate connection and then gradually use web injections to steal the login credentials.
It will be interesting to see how things unfold in the future. While banks in Australia are known to be highly sophisticated in their cyber systems, such threats have sparked a new debate. How can banks even know about new types of threats that are coming in? If legitimacy is what attackers are playing with, how can bank employees be trained of new ways of threat and denying any service to packets from such systems?
Donald,
This new Ursnif will be another breach that will be added to previous ones. These banks really need to work harder and improve themselves to be able to protect us and our sensitive information. I am so disappointed about the small efforts these banks do. I feel we are not protected anymore and actions need to be executed such as investing in IT security departments.